ISO and IEC Compliance with SVT
What is ISO/IEC and who does it apply to?
ISO/IEC 27002 is an information security standard published by the International Organization for Standardization (ISO) and by the International Electrotechnical Commission (IEC) as ISO/IEC 17799:2005. It was subsequently renumbered ISO/IEC 27002:2005 in July 2007, bringing it into line with the other ISO/IEC 27000-series standards. It is entitled Information technology – Security techniques – Code of practice for information security management. The current standard is a revision of the version first published by ISO/IEC in 2000, which was a word-for-word copy of the British Standard (BS) 7799-1:1999.
How does ISO/IEC affect your enterprise?
ISO/IEC 27002 provides best practice recommendations on information security management for use by those who are responsible for initiating, implementing or maintaining Information Security Management Systems (ISMS). Information security is defined within the standard in the context of the Confidentiality, Integrity and Availability (CIA) triad:
The preservation of confidentiality (ensuring that information is accessible only to those authorized to have access), integrity (safeguarding the accuracy and completeness of information and processing methods) and availability (ensuring that authorized users have access to information and associated assets when required).
How SVT can help you!
ISO 27002 contains 12 control families and approximately 170 objectives. Many are process and policy-related requirements, in other words not managed by IT technical systems. Of the remaining, SVT Audit Manager 2010 monitors all that can be audited in a Windows environment. This means more than 140 requirement-mapped report combinations can produce data from several of control families including Access Control, Compliance, Information Security and Incident Response, and more.
ISO 27002 is an internationally recognized standard of information security best practices. SVT Audit Manager 2010 gives you a mechanism that supports sound, repeatable security management, and that’s a cornerstone security requirement regardless of which standard you must adhere to.
Please contact us today for more information on how SVT Audit Manager 2010 can help meet your regulation needs.